Craig,
I can run TCPDUMP on the firewall at the Unix command prompt which means
that I am seeing raw packets BEFORE the firewall rules are applied. Again,
no traffic at all from the 44 net side of the world.
Yes, but are you CERTAIN that you run tcpdump *before* your kernel
processes a tunneled packet?!?
The bigger point I'm making here is that I ran TCPDUMP at the OS level which
would show the packets before the firewall rules are applied.
Not necessarily, which is why I suggested disconnecting the router. You
seem to have implemented an IPENCAP tunnel (probably a working of kmod-ipip
for Juniper), and we can't be quite certain of how that operates (unless
we have a Juniper OS Development Engineer available).
From encap.txt:
'route addprivate 44.44.7.16/29 encap 96.86.86.53'
I'll ping/trace 44.44.7.17 and see where that takes us, you should see
me at the border at the cable modem PHY, if they are not blocked thru
the ISP.
Also, how did you implement RIP44 (not the same as RIPv2) into Juniper?
73,
- Lynwood
KB3VWG